WO2009068956A3 - Procédé d'authentification sans duplication des informations d'identification pour les utilisateurs appartenant à des organisations différentes - Google Patents

Procédé d'authentification sans duplication des informations d'identification pour les utilisateurs appartenant à des organisations différentes Download PDF

Info

Publication number
WO2009068956A3
WO2009068956A3 PCT/IB2008/003194 IB2008003194W WO2009068956A3 WO 2009068956 A3 WO2009068956 A3 WO 2009068956A3 IB 2008003194 W IB2008003194 W IB 2008003194W WO 2009068956 A3 WO2009068956 A3 WO 2009068956A3
Authority
WO
WIPO (PCT)
Prior art keywords
organization
user
internet
access
authentication method
Prior art date
Application number
PCT/IB2008/003194
Other languages
English (en)
Other versions
WO2009068956A2 (fr
Inventor
Andrea Ghittino
Stefano Annese
Roberto Borri
Sergio Sagliocco
Original Assignee
Csp - Innovazione Nelle Ict Scarl
S.I.Sv.El. S.P.A. Societa' Italiana Per Lo Sviluppo Dell'elettronica
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Csp - Innovazione Nelle Ict Scarl, S.I.Sv.El. S.P.A. Societa' Italiana Per Lo Sviluppo Dell'elettronica filed Critical Csp - Innovazione Nelle Ict Scarl
Priority to CN200880117640.3A priority Critical patent/CN101919221B/zh
Priority to US12/742,761 priority patent/US8386770B2/en
Priority to BRPI0820065A priority patent/BRPI0820065A2/pt
Priority to JP2010535465A priority patent/JP5507462B2/ja
Priority to CA2706827A priority patent/CA2706827C/fr
Priority to KR1020107013948A priority patent/KR101518526B1/ko
Priority to EP08853846A priority patent/EP2215802A2/fr
Priority to RU2010126178/08A priority patent/RU2507702C2/ru
Publication of WO2009068956A2 publication Critical patent/WO2009068956A2/fr
Publication of WO2009068956A3 publication Critical patent/WO2009068956A3/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

La présente invention se rapporte à un procédé pour permettre à un utilisateur d'accéder à internet. Un utilisateur envoie une demande d'accès à internet par l'intermédiaire de la passerelle d'une première organisation et fournit à celle-ci certaines informations d'identification pour son authentification auprès d'une seconde organisation. Les informations d'identification fournies contiennent au moins une information sur la seconde organisation. La première organisation contacte la seconde organisation dans le but d'authentifier l'utilisateur et de l'autoriser à accéder à internet. La seconde organisation accorde ensuite à l'utilisateur l'autorisation d'accéder à internet. Selon l'invention, à la réception de la demande d'accès, la passerelle redirige l'utilisateur vers une page web de la seconde organisation ; sur cette page, l'utilisateur fournit à la seconde organisation des informations d'identification supplémentaires nécessaires à son identification.
PCT/IB2008/003194 2007-11-26 2008-11-24 Procédé d'authentification sans duplication des informations d'identification pour les utilisateurs appartenant à des organisations différentes WO2009068956A2 (fr)

Priority Applications (8)

Application Number Priority Date Filing Date Title
CN200880117640.3A CN101919221B (zh) 2007-11-26 2008-11-24 用于属于不同机构的用户的无需证书复制的认证方法
US12/742,761 US8386770B2 (en) 2007-11-26 2008-11-24 Authentication method without credential duplication for users belonging to different organizations
BRPI0820065A BRPI0820065A2 (pt) 2007-11-26 2008-11-24 método de autenticação de credencial para usuários que pertencem a organizações diferentes
JP2010535465A JP5507462B2 (ja) 2007-11-26 2008-11-24 異なる組織に属する複数のユーザのためのクレデンシャルの複製を行わない認証方法
CA2706827A CA2706827C (fr) 2007-11-26 2008-11-24 Procede d'authentification sans duplication des informations d'identification pour les utilisateurs appartenant a des organisations differentes
KR1020107013948A KR101518526B1 (ko) 2007-11-26 2008-11-24 서로 다른 조직에 속하는 사용자들에 대한 증명물 복제 없는 인증 방법
EP08853846A EP2215802A2 (fr) 2007-11-26 2008-11-24 Procédé d'authentification sans duplication d'informations d'identification pour des utilisateurs appartenant à des organisations différentes
RU2010126178/08A RU2507702C2 (ru) 2007-11-26 2008-11-24 Способ аутентификации без дублирования учетных данных пользователей, принадлежащих к различным организациям

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IT000853A ITTO20070853A1 (it) 2007-11-26 2007-11-26 Metodo di autenticazione per utenti appartenenti ad organizzazioni diverse senza duplicazione delle credenziali
ITTO2007A000853 2007-11-26

Publications (2)

Publication Number Publication Date
WO2009068956A2 WO2009068956A2 (fr) 2009-06-04
WO2009068956A3 true WO2009068956A3 (fr) 2009-09-03

Family

ID=40315040

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2008/003194 WO2009068956A2 (fr) 2007-11-26 2008-11-24 Procédé d'authentification sans duplication des informations d'identification pour les utilisateurs appartenant à des organisations différentes

Country Status (10)

Country Link
US (1) US8386770B2 (fr)
EP (1) EP2215802A2 (fr)
JP (1) JP5507462B2 (fr)
KR (1) KR101518526B1 (fr)
CN (1) CN101919221B (fr)
BR (1) BRPI0820065A2 (fr)
CA (1) CA2706827C (fr)
IT (1) ITTO20070853A1 (fr)
RU (1) RU2507702C2 (fr)
WO (1) WO2009068956A2 (fr)

Families Citing this family (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8776214B1 (en) 2009-08-12 2014-07-08 Amazon Technologies, Inc. Authentication manager
US9767262B1 (en) 2011-07-29 2017-09-19 Amazon Technologies, Inc. Managing security credentials
US10362019B2 (en) 2011-07-29 2019-07-23 Amazon Technologies, Inc. Managing security credentials
US11444936B2 (en) 2011-07-29 2022-09-13 Amazon Technologies, Inc. Managing security credentials
US9420459B2 (en) * 2011-11-16 2016-08-16 Cellco Partnership Method and system for redirecting a request for IP session from a mobile device
US8863250B2 (en) 2012-02-01 2014-10-14 Amazon Technologies, Inc. Logout from multiple network sites
CN104364792B (zh) * 2012-02-01 2017-11-14 亚马逊科技公司 用于多个网络站点的账户管理系统
US8955065B2 (en) 2012-02-01 2015-02-10 Amazon Technologies, Inc. Recovery of managed security credentials
JP6111713B2 (ja) * 2013-02-06 2017-04-12 株式会社リコー 情報処理システム、情報処理装置、認証情報管理方法及びプログラム
US10475018B1 (en) 2013-11-29 2019-11-12 Amazon Technologies, Inc. Updating account data for multiple account providers
JP6287401B2 (ja) * 2014-03-18 2018-03-07 富士ゼロックス株式会社 中継装置、システム及びプログラム
US9866592B2 (en) * 2015-09-28 2018-01-09 BlueTalon, Inc. Policy enforcement system
US9871825B2 (en) 2015-12-10 2018-01-16 BlueTalon, Inc. Policy enforcement for compute nodes
US10091212B2 (en) 2016-03-04 2018-10-02 BlueTalon, Inc. Policy management, enforcement, and audit for data security
US11157641B2 (en) 2016-07-01 2021-10-26 Microsoft Technology Licensing, Llc Short-circuit data access
GB201612038D0 (en) * 2016-07-11 2016-08-24 Lookiimedia (Uk) Ltd Providing access to structured stored data
EP3324664A1 (fr) 2016-11-22 2018-05-23 Thomson Licensing Procédé, appareil et système permettant de contrôler l'accès à un réseau local
US10803190B2 (en) 2017-02-10 2020-10-13 BlueTalon, Inc. Authentication based on client access limitation
US10291602B1 (en) 2017-04-12 2019-05-14 BlueTalon, Inc. Yarn rest API protection
US10250723B2 (en) 2017-04-13 2019-04-02 BlueTalon, Inc. Protocol-level identity mapping
US10491635B2 (en) 2017-06-30 2019-11-26 BlueTalon, Inc. Access policies based on HDFS extended attributes
US11146563B1 (en) 2018-01-31 2021-10-12 Microsoft Technology Licensing, Llc Policy enforcement for search engines
US11005889B1 (en) 2018-02-02 2021-05-11 Microsoft Technology Licensing, Llc Consensus-based policy management
US11790099B1 (en) 2018-02-09 2023-10-17 Microsoft Technology Licensing, Llc Policy enforcement for dataset access in distributed computing environment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060185021A1 (en) * 2002-03-15 2006-08-17 Microsoft Corporation Method and system of integrating third party authentication into internet browser code
US20060239254A1 (en) * 1998-12-08 2006-10-26 Nomadix, Inc. Systems and Methods for Providing Dynamic Network Authorization, Authentication and Accounting
EP1770940A1 (fr) * 2005-09-30 2007-04-04 Alcyone Holding S.A. Procédé et dispositif pour établir une connexion de communication entre un dispositif mobile et un réseau

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5898780A (en) * 1996-05-21 1999-04-27 Gric Communications, Inc. Method and apparatus for authorizing remote internet access
JPH10336172A (ja) * 1997-06-04 1998-12-18 Kyushu Syst Joho Gijutsu Kenkyusho 電子認証用公開鍵の管理方法
JP3538527B2 (ja) * 1997-08-05 2004-06-14 株式会社東芝 無線通信システムおよび無線通信方法
DE60045850D1 (de) * 1999-10-22 2011-05-26 Nomadix Inc System und Verfahren zur Bereitstellung dynamischer Netzautorisierung, -authentifizierung und -abrechnung
JP2002202934A (ja) * 2000-12-28 2002-07-19 Daiwa Securities Group Inc ウェブページのレイアウト変更方法
US7921290B2 (en) * 2001-04-18 2011-04-05 Ipass Inc. Method and system for securely authenticating network access credentials for users
JP2003016295A (ja) * 2001-06-28 2003-01-17 Nec Corp オンラインショッピング方法及びそのシステム並びにプログラム
US8484333B2 (en) * 2001-08-22 2013-07-09 Aol Inc. Single universal authentication system for internet services
US7363354B2 (en) * 2001-11-29 2008-04-22 Nokia Corporation System and method for identifying and accessing network services
CA2473793C (fr) * 2002-02-28 2014-08-26 Telefonaktiebolaget L M Ericsson (Publ) Systeme, procede et appareil pour services d'identification unique federes
US7523490B2 (en) * 2002-05-15 2009-04-21 Microsoft Corporation Session key security protocol
JP4304362B2 (ja) * 2002-06-25 2009-07-29 日本電気株式会社 Pki対応の証明書確認処理方法及びその装置、並びにpki対応の証明書確認処理プログラム
JP2004355073A (ja) * 2003-05-27 2004-12-16 Nippon Telegr & Teleph Corp <Ntt> ネットワーク認証とシングルサインオンの一括認証方法及びシステム
CA2527831C (fr) * 2003-06-30 2014-06-10 Telecom Italia S.P.A. Procede de selection de reseau dans des reseaux de communication, reseau associe et produit programme informatique utilise a cette fin
US20070113269A1 (en) * 2003-07-29 2007-05-17 Junbiao Zhang Controlling access to a network using redirection
FI120021B (fi) * 2003-08-27 2009-05-29 Nokia Corp Valtuustiedon hankkiminen
JP4579592B2 (ja) * 2004-06-25 2010-11-10 エヌ・ティ・ティ・コミュニケーションズ株式会社 情報提供サービスシステムおよび方法
CN100397814C (zh) * 2004-07-13 2008-06-25 中国工商银行股份有限公司 一种基于网络的统一认证方法及系统
US7900247B2 (en) * 2005-03-14 2011-03-01 Microsoft Corporation Trusted third party authentication for web services
US7886343B2 (en) * 2006-04-07 2011-02-08 Dell Products L.P. Authentication service for facilitating access to services
JP5464794B2 (ja) * 2006-07-24 2014-04-09 コニカミノルタ株式会社 ネットワーク管理方法およびネットワーク管理システム

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060239254A1 (en) * 1998-12-08 2006-10-26 Nomadix, Inc. Systems and Methods for Providing Dynamic Network Authorization, Authentication and Accounting
US20060185021A1 (en) * 2002-03-15 2006-08-17 Microsoft Corporation Method and system of integrating third party authentication into internet browser code
EP1770940A1 (fr) * 2005-09-30 2007-04-04 Alcyone Holding S.A. Procédé et dispositif pour établir une connexion de communication entre un dispositif mobile et un réseau

Also Published As

Publication number Publication date
JP2011505735A (ja) 2011-02-24
KR20100106990A (ko) 2010-10-04
CA2706827A1 (fr) 2009-06-04
CN101919221B (zh) 2015-09-30
US8386770B2 (en) 2013-02-26
CA2706827C (fr) 2017-05-09
US20100281524A1 (en) 2010-11-04
RU2010126178A (ru) 2012-01-10
ITTO20070853A1 (it) 2009-05-27
JP5507462B2 (ja) 2014-05-28
RU2507702C2 (ru) 2014-02-20
CN101919221A (zh) 2010-12-15
EP2215802A2 (fr) 2010-08-11
BRPI0820065A2 (pt) 2015-09-08
KR101518526B1 (ko) 2015-05-07
WO2009068956A2 (fr) 2009-06-04

Similar Documents

Publication Publication Date Title
WO2009068956A3 (fr) Procédé d&#39;authentification sans duplication des informations d&#39;identification pour les utilisateurs appartenant à des organisations différentes
WO2007039865A3 (fr) Systeme et/ou procede d&#39;authentification et/ou d&#39;autorisation
WO2008060820A3 (fr) Système et procédé d&#39;authentification d&#39;accès au serveur à distance
PL363770A1 (en) Method and system designed to authenticate user for sub-location of network location
WO2007118239A3 (fr) Service d&#39;authentification pour faciliter l&#39;accès à des services
WO2007115209A3 (fr) Cadre d&#39;applications de gestion d&#39;identité et d&#39;accès
WO2007039866A3 (fr) Systeme et/ou procede d&#39;authentification et/ou d&#39;autorisation via un reseau
WO2007013904A3 (fr) Systeme d&#39;authentification a jeton unique et facteurs multiples, et procede associe
WO2007039873A3 (fr) Systeme et/ou procede d&#39;autorisation bases sur des classes
WO2010060704A3 (fr) Authentification d’un canal de communication secondaire à base de jeton de client à serveur à travers des canaux de communication principaux authentifiés
WO2009022869A3 (fr) Procédé et appareil de communication et procédé et appareil de contrôle de communication
WO2011049784A3 (fr) Authentification au moyen d&#39;une authentification nuage
WO2007039874A3 (fr) Systeme et/ou procede d&#39;autorisation bases sur des roles
WO2007092651A3 (fr) Plate-forme hôte de confiance
WO2006039365A3 (fr) Procede et systeme d&#39;authentification sur un reseau ouvert
WO2006013555A3 (fr) Procede et systeme de verification et d&#39;autorisation d&#39;acces utilisateur fondes sur des parametres vocaux
WO2007026228A3 (fr) Procede securise pour accorder a une application d&#39;ordinateur hote la confiance faite a un dispositif de securite pour permettre l&#39;acces securise a une ressource internet
WO2007015253A3 (fr) Authentification a deux facteurs employant l&#39;adresse ip d&#39;un utilisateur
WO2004077794A3 (fr) Systeme et procede de gestion d&#39;un site web
DE602004028345D1 (de) Kundenauthentifizierung mittels eines Challenge-Anbieters
WO2002095554A3 (fr) Systeme et procede d&#39;authentification par biometrie
WO2008021454A3 (fr) Système d&#39;accréditation fédéré et procédé correspondant
WO2008092043A3 (fr) Système d&#39;autorisation et d&#39;authentification basé sur le téléphone mobile et processus pour gérer les informations individuelles sensibles
WO2004061597A3 (fr) Procede et systeme d&#39;emission d&#39;information de contexte d&#39;authentification
WO2008095011A3 (fr) Procédés et systèmes pour authentification d&#39;un utilisateur

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200880117640.3

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08853846

Country of ref document: EP

Kind code of ref document: A2

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2010535465

Country of ref document: JP

Ref document number: 2706827

Country of ref document: CA

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 3817/CHENP/2010

Country of ref document: IN

WWE Wipo information: entry into national phase

Ref document number: 2008853846

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 20107013948

Country of ref document: KR

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2010126178

Country of ref document: RU

WWE Wipo information: entry into national phase

Ref document number: 12742761

Country of ref document: US

REG Reference to national code

Ref country code: BR

Ref legal event code: B01E

Ref document number: PI0820065

Country of ref document: BR

Free format text: SOLICITA-SE A REGULARIZACAO DAS PROCURACOES, UMA VEZ QUE AS PROCURACOES APRESENTADAS NAO POSSUEM DATA. OBSERVA-SE QUE AS PROCURACOES APRESENTADAS NAO POSSUEM CLAUSULA QUE RATIFICA OS ATOS PRATICADOS ANTERIORMENTE.

ENP Entry into the national phase

Ref document number: PI0820065

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20100526